Closed ob closed 1 year ago
I was playing with Panamax and while running cargo audit found this:
cargo audit
panamax ❯ cargo audit Fetching advisory database from `https://github.com/RustSec/advisory-db.git` Loaded 477 security advisories (from /Users/obonilla/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (230 crate dependencies) Crate: regex Version: 1.4.6 Title: Regexes with large repetitions on empty sub-expressions take a very long time to parse Date: 2022-03-08 ID: RUSTSEC-2022-0013 URL: https://rustsec.org/advisories/RUSTSEC-2022-0013 Solution: Upgrade to >=1.5.5 Dependency tree: regex 1.4.6 ├── env_logger 0.9.3 │ └── panamax 1.0.6 └── console 0.14.1 └── panamax 1.0.6 error: 1 vulnerability found!
Updating the dependencies made it go away.
LGTM! Thank you!
I was playing with Panamax and while running
cargo audit
found this:Updating the dependencies made it go away.